BP takes 18,000 laptops off LAN

By putting deperimeterization into practice, BP's technology director is hoping to make his company's computers more secure.

Energy group BP has shifted thousands of its employees off its LAN (local area network) in an attempt to repel organized cybercriminals.

Rather than rely on a strong network perimeter to secure its systems, BP has decided that these laptops have to be capable of coping with the worst that malicious hackers can throw at it, without relying on a network firewall.

Ken Douglas, technology director of BP, told the UK Technology Innovation & Growth Forum in London on Monday that 18,000 of BP's 85,000 laptops now connect straight to the Internet even when they're in the office.

"Hackers and virus writers have been a problem for years. But today there are very well-organized gangs in Russia, China and Brazil, with large teams and large server farms, that are determined to get their hands on our internal data and our users' identities," said Douglas.

"Typically, companies use a firewall and assume that the local area network is secure. But we've come to the conclusion that the LAN has to go," said Douglas.

In the case of a laptop, it could be protected by a top-of-the-range firewall when plugged into the office network. But this is of no use if an employee connects at an unsecured Wi-Fi hot spot.

BP is a founder member of The Jericho Forum, which is pushing for the 'deperimeterization' of security. This means encouraging the security industry to help companies secure every part of their networks rather than just the points where they face the outside world.

Douglas explained that BP is putting this approach into action. "We've moved 18,000 of our 85,000 laptops to an environment where they link to the Internet by default," he said, adding that BP believes it can "harden them" to the dangers of the Internet.